HI all. I've got working samba AD server. It is playing nicely with Windows 10 and also successfully authenticating Linux machines with SSSD. On the Windows machines I have our EMC storage smb mounted via group policy. Managing permissions for users and groups there, as you know, happens with right click, security etc..
As you may have already guessed the troubles come when my Linux machines, that access the storage via nfs mount, need to work with folders and files created from the Windows PCs. Linux doesn't "see" the actual user/group that owns given folder. It interprets it into ID numbers starting from 1000. I'm quite sure that this is common and known issue, but I don't know what is the right way to deal with it, so any wisdom will be helpful. Here's smb.conf from server [global] > netbios name = AD > realm = XXXXXX > server role = active directory domain controller > server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, > winbindd, ntp_signd, kcc, dnsupdate > workgroup = XXXX > idmap config XXXX:unix_nss_info = yes > log file = /var/log/samba/samba.log > log level = 3 > [netlogon] > path = /usr/local/samba/var/locks/sysvol/XXXXXX/scripts > read only = No > [sysvol] > path = /usr/local/samba/var/locks/sysvol > read only = No also, sssd.conf from client [sssd] > domains = xxxx > config_file_version = 2 > services = nss, pam > [domain/xxxx] > ad_domain = xxxx > krb5_realm = XXXX > realmd_tags = manages-system joined-with-samba > cache_credentials = True > id_provider = ad > krb5_store_password_if_offline = True > default_shell = /bin/bash > ldap_id_mapping = True > use_fully_qualified_names = False > fallback_homedir = /home/%u > access_provider = ad and nsswitch.conf passwd: files sss > shadow: files sss > group: files sss Will appreciate any wisdom. Thanks! Z
_______________________________________________ sssd-users mailing list -- [email protected] To unsubscribe send an email to [email protected]
